Introduction: Prepare to Launch a Website Like a Pro

About: I love making, fixing, modding and breaking.

It’s easier than ever to create a website, which is a pretty exciting thing about our world today! That said, it’s not nearly as easy to create a professional website that feels polished and resilient in the face of security and performance tests.

I have spent almost a decade building and launching websites, and this is the list I have compiled over time to ensure that a site I’m launching is pristine. Almost everything has made it on this list because at some point I didn’t do it right the first time and learned the hard way. In fact, I’ll share horror stories, amateur moments and worst-case-scenarios with you as we go through the list so you don’t have to repeat the same mistakes!

A note about timing: If you’re using this list to launch your own website, give yourself several days or even weeks to get through this list. Or at minimum, skim this list and decide which items you want to tackle before launching.

Trust me on this: you do not want to go live before you have done some of these things, because once you go live, everything becomes an emergency. Incorrect URL redirects? Emergency. Server Errors? Emergency. SSL certificate issues? Emergency. Favicon broken? Well actually that’s not really an emergency, but it would still be nice if it looked good before email-blast all your friends, family and colleagues with the link to your new site.

Give yourself some time to do these right and the launch process can be pretty stress-free!

Prerequisites: I assume you have a website that you think you’re ready to launch. Maybe it’s a small-business website or a blog, maybe it’s a portfolio or a community resource. I’ll assume you’ve done most of the legwork and already it has a URL, it has pages with content, it has images… in other words you’re pretty sure it’s ready to launch!

In this list I’ll share my hard earned tips to take you from 90 to 100% so you can launch a website like a pro.

Here is an overview of what we’ll cover:

    • Security
    • Quality
    • Assurance Insurance
    • Visuals
    • Search Optimization
    • If Users Are Logging In To Your Site
    • If You’re Replacing or Migrating An Old Site
    • Post Launch

    Step 1: Security - SSL Certificates

    I’m starting with security because it’s more than ever, and if you get bored with this article, at least you’ve read this part!

    SSL Certificates

    Why You Should Care: SSL Certificates allow you to serve your website over HTTPS instead of HTTP. You may have not noticed this before, but when you visit a website, sometimes there is a little lock icon next to it indicating that it is being served securely. That means no one can snoop on the traffic between your website and your visitor’s computer because it gets encrypted along the way. Aside from privacy, HTTPS also protects your users from certain “man-in-the-middle” attacks.

    If your website has user accounts, accepts user input through forms, or displays personal information, it’s absolutely critical that your website is served over HTTPS. You want to keep all that information between you and your visitors private and secure.

    But even if your site doesn’t involve user-interaction, encryption is a good thing because it ensure that you’re content can’t get manipulated before it gets from your website to your visitor’s computer.

    Low-Level Horror Story: You know how you’ve put so much time in to your website to make it look good? Imagine how they would look with someone else’s advertisements on them? Just imagine how frustrating it is that someone else would be making ad revenue from your content without your control. Well folks, anyone in the middle can inject ads into a non-secured HTTP page.

    Higher-Level Horror Story: What if someone was able to easily intercept your visitor’s log in info? Maybe they could log in and change contact info or gain private info? It’s pretty easy to do if you allow users to log in to your site and don’t use HTTPS.

    How to Address:

    1. If you’re not using a custom domain, but you’re using a service like Google Sites or Heroku, then you may already be using HTTPS. Take a look at your current URL If you are using a custom domain, then you’ll need to either buy an SSL certificate or get one for free from Let’s Encrypt. If you go with a paid version, it will cost around $250 per year to cover your domain ( and any subdomains ( If you’re on a budget, Let’s Encrypt is a great option, though it can take a little more technical know-how to set up.
    2. Install the SSL certificate on your domain. The technical details of this part varies wildly, so I recommend googling “Install SSL Certificate on [Insert name of your domain provider]”
    3. Make sure you redirect ALL non-secured traffic from the unsecured version at http:// to the secured version at http:// to Test out the non-secured version on a different computer or different browser to ensure that it redirects properly from http to https.
    4. Test your SSL certificate to ensure it’s installed correctly with Qualys SSL Server Test.

    Step 2: Security - Forms

    If you have forms on your website, there are extra security considerations you need to take into account.

    A Light-Hearted Horror Story: Check out this classic comic about sanitizing database inputs here.

    How to Address:

    1. First — and most critically — sanitize your database inputs. If the content form the form goes into your database, you’ll want to make sure that it is scrubbed for malicious input. I don’t recommend doing this from scratch, instead use an existing, tested library or framework for this.
    2. If it would be problematic if a third-party hijacked a user’s session and filled out a form (like on a shopping site), then prevent against XSS attacks with CSFR protection. This is pretty technical, so I recommend reading up on it more.
    3. Finally, if you expose a form to the internet, robots will fill it out. If you haven't already, add a CAPCHA or honeypot to prevent spammy form submissions.

    Step 3: Security - Change Your Default Passwords

    This is so obvious I’m embarrassed that it’s on my list. You may not realize it, but websites and databases will sometimes ship with default passwords, making them quite easy to hack.

    Make sure that all passwords on your server, your databases and your CMS Admin account have been changed, like, yesterday.

    Amateur Moment & Horror Story: If you don’t change the defaults, you may - like I did - wake up to a very sad revelation that your website has been hacked, like the image shown above. (The image on my website was slightly different, but the gist was the same.)

    Step 4: Security - Debug Settings and Password Protection

    If you are running your website in "Debug" mode, make sure to apply a password to it during development so that no one can access your secret debug information.

    Once you remove the password protection, make sure that the Debug mode is turned off.

    Read more about why you must never enable debug mode in production here.

    Step 5: Quality Assurance - HTML Validation

    Having valid HTML means that the HTML code you have written is correct and does not have any errors. An organization called the W3C manages the specifications for what constitutes valid vs invalid HTML markup, and currently we are on version HTML5.

    If you forget to close an HTML tag, use use the wrong tag name, or use an unknown attribute, your HTML is most-likely invalid. In a modern browser, this may not make a difference, but an older browser or search engine may not be able to make sense of this invalid markup and instead display wonky errors.

    If you’re noticing dramatic inconsistencies between different browsers, this is one of the first things to check!

    It Happens To The Best Of Us: Stray or unclosed tags happen easily if you don’t validate — even on a popular site like Smashing Magazine — and the results can be really funky.

    How to Address:

    1. Go to the W3C HTML Validator and enter the URL for the page on your site you want to test. Use the default options and click “Check.”
    2. Review the issues one by one, fix them in your code, and test with the validator again. Shoot to have zero errors and as few warnings as possible.
    3. Bonus Tip: If you’re having trouble reading your own HTML, use the Dirty Markup Tool to format your HTML for legibility. This can really help you read the hierarchy of the HTML more easily.

    Step 6: Quality Assurance - Accessibility

    When you’re thinking about your website, it can be easy to assume that other people are going to experience it as you are: in front of your computer, sitting down, with a keyboard and mouse, and that that person can hear and see and move their fingers about as easily as you can.

    But actually there are a lot of ways people might experience your website: they might have low dexterity and be unable to use a mouse, so they’re visiting it on a tablet with touch; they might be accessing it from a grocery store where they only have one hand available because the other is pushing a cart; they might be color blind; they might be stressed; they might have very low vision and be using a screen reader; they might be a robot search engine reading your web page’s code instead of looking at it.

    To make sure your website is flexible for all these potential situations, keep a few things in mind at minimum:

    • Make sure your website is compatible with all different devices — not just phones and tablets, but screen readers and search engines too.
    • Make sure the text on your website is large enough and has enough contrast for older or visually impaired readers.
    • Make sure the buttons and links on your website are big enough for someone with shaky hands or very large fingers.
    • To read the full list of accessibility accommodations, read though the WCAG Guidelines, keeping in mind that depending on what sector you are in, you may be required to follow ALL of the WCAG guidelines.

    Horror Story: Chances are if you run a business or organization that would be required to be ADA accessible in-person, then that also applies to your online presence. Failure to make a reasonable effort towards this end not only puts out many potential visitors, but may also leave you vulnerable to an expensive lawsuit.

    How to Address:

    1. First and foremost, make sure your HTML is valid following the steps from the previous section; this will ensure that you have the correct “alt” tags on media and that your web page can be interpreted by a screen reader.
    2. Look at your website with CSS turned off and see if makes sense from a hierarchical perspective. Ideally each page should read like an outline, with logical headers and paragraphs of text, and “alt” text in place of media. Use the “Disable HTML” extension for Chrome to easily disable CSS, JS and Images to view your site in this mode.
    3. Test your website with the WAVE Web Accessibility Tool: and resolve any errors that it raises.
    4. Test your contrast colors (especially links in body text) for various types of color blindness using the Total Color Filter Tool:
    5. Bonus Points: Download a screen reader like JAWS and actually test out how your website reads with it. For further reading about this, take a look at this article about optimizing your site for screen readers.

    Step 7: Quality Assurance - Load Times

    Slow load times are one of the most common causes of visitors bouncing off your site and trying a different one, so it’s very important that you ensure your site is loading as fast as possible.
    There are many things that can cause a website to load slowly, so I’ll go over the most common technical causes from the back to the front of the stack:

    • Slow DNS Resolution - This happens when your domain name or DNS records are not set up correctly.
    • Inefficient or Excessive Database Queries - This happens when database queries have not been optimized.
    • Lack of Caching - This happens when pages that are essentially static, but require database queries or processing, don’t get cached.
    • Un-minified Content (HTML, CSS, JS, images) - This happens when files are not minified or optimized for web.
    • Un-minified and Uncompressed Content (HTML, CSS, JS, Images) - This happens when gzip compression isn’t turned on.
    • Un-combined Static Files (CSS and JS) - This happens when the server doesn’t combine files together and makes too many simultaneous calls.
    • Overly-Javascript Dependent Rendering - This happens when the browser must finish loading and executing javascript before some element appears correctly.
    • Overly-Complex or Inefficient CSS - This happens when CSS has not been optimized.
    • Slow or Blocking Third-Party Plugins - This happens when poorly built third-party tools (like forms, videos, newsletter sign-ups, etc) must be loaded before the rest of the page finishes loading. This can result in the page feeling jerky or frozen for a moment.

    Why You Should Care: According to Google’s Double Click blog, websites that loaded faster had lower bounce rates, longer average sessions, and higher ad viewability. I think we can all recall the frustration of being on a slow and glitchy site. No one wants to be that slow and glitchy site.

    How To Address:

    1. The first thing you will need are starting benchmarks to see how your site is currently stacking up. Use these two amazing tools to test your load times: WebPagetest and PageSpeed Insights. WARNING: These tools are brutal and unsparing, but it’s better than NOT know how your load times are ranking.
    2. These two tests will score you on a variety on things, from server response times, to whether your static are optimized. Use these score to identify and apply improvements. IMPORTANT: Make improvements ONE step at a time, re-running the speed tests each time to ensure that the change you made was an actual improvement.

    Step 8: Quality Assurance - Interactive Components

    Before and after you go live, be sure to test all your interactive and third-party site components: video players, newsletter sign-ups, social media sharing buttons, contact forms, google analytics, etc. Maybe you set them up with a temporary “staging” URL, or incomplete text (e.g. “Testings 123 Newsletter”).

    Before launching and after launching, be sure to test each of these with real content to make sure they are still working and have all the correct information.

    Horror Story: If you don’t test these out, you may find, like I once did, that your email responders are full of “Lorem Ipsum” — fake placeholder text. I promise you it’s so much better if you’re the one to realize that rather than a visitor to your website.

    Step 9: Insurance - Backups

    If you enjoy peace of mind, this section is just for you. If you enjoy chaos, confusion, or being blindsided, then you can just skip this section.

    There are two things you absolutely need to back-up on a website: databases content and uploaded media. Database content is the stuff you enter through the CMS or user-generated content. Uploaded media are the files you have uploaded through the CMS. If your website goes down, the chances are you have the source code either on your computer or in the cloud somewhere. But unless you set up automatic backups, you can lose the database content and uploaded files forever.

    If you have the source code AND a recent database snapshot AND a recent copy of your uploaded files, then it may take time, but you can reconstruct your website without too much data loss.

    One key rule with these backups is that they should be to a DIFFERENT system than the one your website lives on. If the server hosting your website disintegrates, then it won’t be that helpful if you had database backups on it. Instead, backup your content to your own computer or a different service provider.

    A second rule with these backups is that you should start doing them as soon as you start entering content into the website. Don’t wait until after you’ve entered all your exceptional, award-winning content, start BEFORE that.

    Horror Story: I once deleted the entire media repository of a client when I misinterpreted a command line argument. A colleague of mine once emptied a database full of content right before a launch. Every developer has one or more scars like this, leading them to instinctively set up backups from the get go.

    How to Address:

    • If you are hosting your own website, set up a CRON to dump your database nightly and SFTP it to a separate server. Then set up an RSYNC to copy media from your directory to the separate server.
    • If you are using a managed service, then you probably don’t have access to database or media directory, but you can instead backup the site using a website download tool, such as:

    Step 10: Insurance - Uptime Monitor

    Apart from sitting in front of you computer and pressing the refresh button every minute, how do you know that your website is up and running? This is where an uptime monitor comes in: It simply refreshes your webpage every few minutes to check if it’s still running.This can be very helpful if something happens to your website while you’re just plodding along, enjoying your life.

    An uptime monitor is there to tap you on the shoulder and let you know something is catastrophically wrong with your website, more or less as soon as it goes down. It’s a bit of a killjoy, but it’s 1000% better than a visitor or client telling you your website is down.

    Horror Story: Before I knew about uptime monitors, I would regularly get emails from colleagues and clients asking “What happened to the website!?” — including on my honeymoon!

    How to Address:

    1. There are lots of tools out there for this, but I personally have used Uptime Robot and Pingdom. Create an account with one of these services, and set up a new monitor for your URL that send you an email
    2. Sleep easier.

    Step 11: Insurance - Error Notifications

    Error notifications work similarly to Uptime Monitors, but they let you know when an error has happened on your website. Often they in

    clude helpful information like which URL the visitor was on, what were they trying to do before getting the error, and even a stack trace of the error.You can skip this if you are using a managed service, but if you aren’t then I highly recommend it, even during the development stages!

    Horror Story: They say that truly scary stories are the ones that leave more up to the imagination. Well, when you don’t have error notifications set up, that’s exactly what you’re doing. Are your visitors getting errors? There’s no way to know…. Oh, the horror!

    How to Address: There are a bunch of services that are offering this these days, such as Roll Bar and Sentry. Set up an account and follow the installation instructions matching the framework you’re using on your website.

    Step 12: Visuals - Cross-Device and Cross-Browser Testing

    Now that I’ve scared you with security, and exhausted you with testing, now let’s look at something more fun: visuals!

    Cross-Device and Cross-Browser Testing

    When you release a website into the wild, you don’t know what kind of device it will be accessed on -- a phone, a library computer with running Netscape Navigator from ‘95, a smartwatch, or super-fast computer with a 4K monitor. You want to make sure your websites to all of these devices and browsers gracefully if not beautifully.

    I cannot tell you how many times I have sent a link to a client to review, only for them to tell me, in horror, that their site is awfully broken.

    Worth Your Time: This isn’t just applicable to sites with custom CSS. My sister recently submitted a Google Sites teaching portfolio for a very important job interview, only to discover that her video embeds didn’t work on some browsers. Not trying to pick on my sister -- she's the best -- just saying that even sites that you would expect to work just fine will have quirks between browsers. So check ‘em on every device!

    How to Address:

    1. If you don’t have a fleet of testing devices on-hand, I highly recommend the tool Browserstack for testing your website across devices and browsers.
    2. For minimum coverage, test your website on: Windows + Edge, Windows + IE, Windows + Firefox, Windows + Chrome, OSX + Safari, OSX + Firefox, OSX + Chrome, IPad, iPhone, and Android.
    3. For more extensive coverage, take a look at some of the older operating systems, less popular mobile platforms, and older browser version. Adjust your CSS styles to fix the issues you’re seeing, and then re-test on Browserstack to ensure it’s fixed.

    Step 13: Visuals - Favicon Stack

    To create a real custom touch, generate your own favicon stack for your site. Favicons are the little icons that represent your site in your browser tab, or when you create a shortcut to your site on your phone. These images should be around 260px by 260px, but be so simple in its design that it still looks good when shrunken down to 16px by 16px. (If that doesn’t sound difficult, you're in for a surprise.)

    This image can have a transparent background, but make sure to test it on different browsers, since some browsers use dark tabs (like Firefox) and others use light tabs (like Chrome).

    Amateur Moment: As you can see above, if you don’t customize your favicon, you risk blending in with the crowd.

    How to Address:

    1. Create a very simple image to use as your favicon. If this is your logo it should be the simplest version of it. This image should be square and about 260px by 260px.
    2. Go to the Favicon Generator Here and follow steps to generate your favicon stack and install it on your site.
    3. Once you’ve uploaded the updated favicon, check it here.

    Step 14: Visuals - Print Styles

    Depending on what kind of content you have on your website, print styles might be moot or might be critical. Think about all the pages on your site, and ask if any of them would lend themselves to being printed, such as articles, recipes, receipts, contact info page, event a calendar of events. At some point someone (maybe even you) will want to print out a page from your site, so you’ll want to make sure the site responds gracefully when they do.

    Happens to the Best Of Us: Even big, smart companies forget things like this.

    How to Address:

    1. Start with a boilerplate CSS print stylesheet. This will cover many common printing use-cases, such as how links should look when printed, not printing background images, breaking content in the right places, etc. Here a simple example to get you started.
    2. To achieve a higher level of customization (like how a printed recipe looks totally different than the recipe website), create an additional custom print CSS stylesheet. Extra Credit: Take a look through Smashing Magazine's article about print styles.

    Step 15: Visuals - Graceful Error Pages

    Though we try to make every effort to avoid errors, sometimes errors are inevitable, such as a 404 Not Found page or a 403 Forbidden or 405 Not Allowed.

    Amateur Moment: Imagine you launch your website and forget to redirect one of your old URLs to a new one. Without a custom 404 page, your visitors might see something like the image above.

    That image is so depressing, and after a website launch it’s pretty common for visitors to end up at this page more often than normal. Instead of this bleak depressing page, create a custom 404 page that’s warm, friendly, and even helpful. Maybe provide a form to search your site or a contact email address so that the visitor can let someone know about the broken link? Really anything is more helpful than the default error page.

    How to Address:

    How you setup the custom error page will vary wildly depending on which hosting service you use. Google "Custom 404 Error Page + [Insert name of your hosting service or web framework]" for specific details.

    Step 16: Visuals - CSS Text Selection

    This is quite low on the totem pole, but if you want to give your website that extra touch of of customization, create a custom text selection style. This is a bit of an Easter egg, but a chance to be bold in your design if appropriate.

    This is completely optional and absolutely nothing bad will happen if you don’t do this. Actually, you’re more likely to run into trouble if you create a poor color contrast combination, so do be mindful if you decide to do this!

    How to Address: Locate your custom CSS stylesheet so you can add custom styles. Add custom CSS selection style rules following the instructions here.

    Step 17: SEO - Metadata

    Metadata are bits of code in the top of the page that define how the site looks in search results and in social media posts. These include the page title, a very short description, and a preview image, among other things.
    How to Address:

    • Install the META SEO Inspector plugin for Chrome to test each individual page. This should allow you to see which text will appear in search engine results and on social media.
    • Use the Facebook Open Graph debugger to see how pages will appear when shared on Facebook.
    • Use the Twitter Card Validator to see how pages will appear when shared on Twitter.
    • Because you are limited in how much text you can put in these tags, there are special strategies to target specific keywords strategically. It is its own special form of black magic, and you can read about it here.
    • If you have more than one domain (or even ‘www’ subdomains) pointing to the same website, be sure to implement the ‘canonical’ tag. Read more about that here.

    Step 18: SEO - Sitemap.xml & Robots.txt

    Robots.txt tells good search engines which pages should appear in their search results. (This is merely a request, so bad search engines might ignore it.) Read more about how to format these files here.

    Sitemap.xml provides an index of all the URLs on your site. This is particularly important if you have a lot of pages on your site that aren't immediately obvious from your home page. You can go into a deeper dive on this here.

    You'll want to set up these two files before setting up your Google Webmaster tools account.

    Step 19: SEO - Google Analytics & Webmaster Tools

    If you haven’t already, create an account with Google Analytics and Webmaster Tools for monitoring traffic to your site and all sorts of other cool data.

    Amateur Moment: I have left “testing” analytics accounts in place on websites, pushing traffic to the wrong Google Analytics account. This needlessly worried clients who were already anxiously awaiting the site launch. Even if you have done already, triple check that it’s set up and going to the right account.

    How To Address:

    1. Log in to Google Analytics and create an account for your website. Install Analytics Tracking code in your website following their instructions.
    2. Log in to Google Webmaster Tools and create an account for your website. Verify your website ownership following their instructions.
    3. Connect your Google Analytics and Webmaster Tools accounts together.

    Step 20: Content - Check for Spelling & Lorem Ipsum

    Go through every page, every menu, every form, every email responder, every error message, every success message, every third-party component, and check the spelling and replace any lorem ipsum.

    Amateur Moment: If you don’t, you might find yourself featured on the Lorem Ipsum Fails blog.

    Step 21: Content - RSS Feed & Newsletter Sign Ups

    RSS & Newsletters are oldies but goodies, and I recommend setting them up if you have serial content on your website. RSS can help you draw traffic to your site, and you can also use it for generating the email newsletters with Mailchimp.

    Step 22: Content - Legal Review

    Before you launch, make sure you’ve thought about all the legal considerations of the content on your site:

    1. Do you have rights or permissions to the images you’re using?
    2. Does your content follow laws about copyright, trademarks, defamation, etc?
    3. Have you added a copyright indication to your site footer?
    4. Do you need to create a terms of use or service? Are you compliant with any industry specific requirements, such as HIPPA, COPPA, WCAG, PCI-DSS?

    Step 23: If You Have User Accounts

    If users are logging in to your site, you are in a different depth of complexity than a standard brochure-type website. There are many things to consider, but here are a few key points to keep in mind:


    As discussed in the first step, HTTPS is a critical piece of a secure website. If you have user log accounts, then HTTPS is a must on the entire site.

    Storing Passwords

    If you are creating user accounts, I highly recommend using a proven, secure third-party library or system for your use account storage rather than building one from scratch. These will usually take into account things like storing passwords securely. But if you must write this code from scratch, make absolutely sure to salt with a secret key and one-way hash the user passwords so that you aren’t storing them in plain text. And that’s at minimum -- there are many more aspects of security to keep in mind when storing passwords, which is why I recommend you offload that burden and use a proven, maintained library or third-party service.

    For the uninitiated, the reason you don’t want to store password in plain text is that if someone were to gain access to your database, they could see all your users’ passwords, and for any user who is re-using a password, they could use those credentials on other sites.

    All-Star Amateur Moment: This is pretty much the most embarrassing kind of thing a website creator can do.

    Personally Identifiable Information

    Ideally you want to reduce the amount of personally identifiable information you store about a user to the bare minimum, and the content that you do store, you should protect closely. This might mean encrypting your database fields with a secret hash, or better yet -- not storing this information at all!

    Depending on what sector you’re in, there are stricter regulations about what kind of data you store and how to store it. Here’s some "light reading" if you want to get into it.

    Children Accounts & COPPA

    What follows is a gross oversimplification, but summarizes the legal advice I’ve observed from various clients’ lawyers: If you can avoid it, don’t allow minor to create accounts on your website. If your website is specifically for minors -- such as for school -- don’t allow accounts for students under 13.

    If creating accounts for children under 13 is critical to your website, set aside some time to get very familiar with COPPA - the Children's Online Privacy Protection Rules - to ensure that you’re following it perfectly.

    I would also recommend consulting with a lawyer to make sure you’ve understood and implemented the rules correctly, as the fines for improper implementation can be very large.

    Hope You Have Some Money Socked Away: If you want to see how large the fines can be, browse the FTC’s repository of press releases under the COPPA tag. Fees range in the tens of thousands to hundreds of thousands.

    Terms of Service & Legal Review

    If you have user accounts, it’s a good idea to think about the legal ramifications of what you’re creating. There are lawyers that specialize in this and will help you review your site, the user data you collect and store, the cookies generated by third-party services, and turn this into legalese for you and your visitors to never read.

    Step 24: Replacing an Old Site - URL Inventory & Redirects

    If you are replacing an old site with a new one, there are special considerations you want to take into account to ensure that you don’t lose critical content or traffic.

    URL Inventory & Redirects

    If you are replacing an old site, you want first take an inventory of all the URLs on the old site, and then make a plan for where you want to redirect them. Some URLs will have a 1:1 from the old site to the new one. Others won’t because the structure of the site may have changed. You don’t have to redirect them all, but you should at least know what they are so that you’re making that decision actively.

    When setting up your URL redirects in your new site, make sure to set up a PERMANENT redirect, that is a 301 Redirect (as opposed to a 302 Temporary redirect). This is essential for letting the search engines know that they should take the old page, and it’s old ranking, and apply it to this new page. If you don’t do this correctly you can potentially lose the SEO ranking that you worked hard to achieve previously.

    It can be difficult to uncover all the URLs on a site if it has been around for while; blogs and other initiatives started with enthusiasm slowly become forgotten after a few years. I recommend using a tool that crawls the entire site recursively to uncover as many of the public-facing URLs as possible. My tool of choice is Integrity by Peacock Media, which has a free version:

    Worst Case Scenario: If your website runs at all on ad revenue, failure to redirect your URLs could result in a dramatic loss of traffic, and therefore a dramatic loss of revenue. ‘Nuf said.

    How to Address:

    1. Run a URL inventory to determine all public-facing URLs that exist on your current site and export these to a spreadsheet.
    2. In your spreadsheet, determine where you want each old path to redirect in your new site.
    3. In your new site, set up Permanent 301 URL redirects from the old path to the new one. Verify that the redirect works properly by entering the old path into the URL bar and making sure you are redirected to the new one.
    4. After launching the site, you can double-check that Google is interpreting these redirects correctly in the Webmaster Tools panel.

    Step 25: Replacing an Old Site - Archive Your Old Site

    If you have the option, I recommend creating a new subdomain at that points to your current website. This will allow you to reference back to your old site at the archived domain after your new site has been launched.

    Disaster Averted: If you are replacing a large site, less frequented parts of the old site can be forgotten. Seriously, I have had multiple clients that forgot about entire parts of their website until after launched, and they would have been nearly lost had we not archived the original site.

    How to Address:

    In your DNS settings, create a new subdomain entry that points to the current website that will be replaced.

    Step 26: Replacing an Old Site - Back Up Your Old Site

    In addition to archiving the old site, it’s helpful to actually back up and download the old one for posterity.

    Worst Case Scenario: If anything was missed and not migrated in the original URL inventory, it could be lost forever if you don’t backup the site.

    How to Address:

    • FTP into your old website and download the old files.
    • If you have databases associated with your website, log into your database admin tool and run a database SQL dump to backup the entire database.
    • If you have any uploads or media that are stored separately from the website itself, be sure to download those as well so you have a “complete” backup of your old site.

    Step 27: Advanced Topics

    I could go on and on, but instead I’ll just leave you with a few more topics to look into if you’re interested in diving in deeper:

    Step 28: Launch!

    If you’ve made it this far, you’re in much better shape to launch then I was the first many times I launched a website.
    Here on the internet, we stand on each other’s shoulders.

    Step 29: Post Launch

    Expect to fix bugs, issues and updates for the next few days and weeks
    Don’t worry, it will happen even to the best planners. Having all these other tasks out of the way will make it that much less stressful while you fix or change the things you didn’t anticipate.

    Check Again for Broken Links

    Re-run the URL crawler you did in the testing section to ensure new URLs are working correctly.

    Check your Google Webmaster Tools portal to ensure there are no new crawling errors introduced by new site.

    Observe Your New Traffic in Analytics for Any Issues

    Check Google Analytics to observe if there have been any big unintended changes to your traffic. If you notice huge drop-offs in traffic, this could be the result of an incorrect redirect, or other issue the new site.

    Pro Tips Challenge

    Participated in the
    Pro Tips Challenge